x86/efi: don't write relocations in efi_arch_relocate_image() first pass

x86/efi: don't write relocations in efi_arch_relocate_image() first pass

The function is invoked with delta=0 before ExitBootServices() is called,
as a dummy run purely to validate that all the relocations can be handled.
This allows us to exit gracefully with an error message.

However, we have relocations in read-only sections such as .rodata and
.init.te(xt). Recent versions of UEFI will actually make those sections
read-only, which will cause a fault. This functionaity was added in
EDK2 commit d0e92aad4 ("MdeModulePkg/DxeCore: Add UEFI image protection.")

It's OK to actually make the changes in the later pass because UEFI will
tear down the protection when ExitBootServices() is called, because it
knows we're going to need to do this kind of thing.

Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>